linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "boojin.kim" <boojin.kim@samsung.com>
To: "'Mike Snitzer'" <snitzer@redhat.com>
Cc: "'Herbert Xu'" <herbert@gondor.apana.org.au>,
	"'David S. Miller'" <davem@davemloft.net>,
	"'Eric Biggers'" <ebiggers@kernel.org>,
	"'Theodore Y. Ts'o'" <tytso@mit.edu>,
	"'Chao Yu'" <chao@kernel.org>,
	"'Jaegeuk Kim'" <jaegeuk@kernel.org>,
	"'Andreas Dilger'" <adilger.kernel@dilger.ca>,
	"'Theodore Ts'o'" <tytso@mit.edu>, <dm-devel@redhat.com>,
	"'Mike Snitzer'" <snitzer@redhat.com>,
	"'Alasdair Kergon'" <agk@redhat.com>,
	"'Jens Axboe'" <axboe@kernel.dk>,
	"'Krzysztof Kozlowski'" <krzk@kernel.org>,
	"'Kukjin Kim'" <kgene@kernel.org>,
	"'Jaehoon Chung'" <jh80.chung@samsung.com>,
	"'Ulf Hansson'" <ulf.hansson@linaro.org>,
	<linux-crypto@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
	<linux-fscrypt@vger.kernel.org>, <linux-mmc@vger.kernel.org>,
	<linux-samsung-soc@vger.kernel.org>,
	<linux-block@vger.kernel.org>, <linux-ext4@vger.kernel.org>,
	<linux-f2fs-devel@lists.sourceforge.net>,
	<linux-samsung-soc@vger.kernel.org>,
	<linux-arm-kernel@lists.infradead.org>,
	<linux-fsdevel@vger.kernel.org>
Subject: Re: [PATCH 6/9] dm crypt: support diskcipher
Date: Wed, 21 Aug 2019 16:54:32 +0900	[thread overview]
Message-ID: <001a01d557f5$ab0a4a40$011edec0$@samsung.com> (raw)
In-Reply-To: CGME20190821075432epcas2p3758bf7b07f209fb4094d79bf46c8f4e9@epcas2p3.samsung.com

On Wed, Aug 21, 2019 at 09:13:36AM +0200, Milan Broz wrote: 
>
> NACK.
> 
> The whole principle of dm-crypt target is that it NEVER EVER submits
> plaintext data down the stack in bio.
> 
> If you want to do some lower/higher layer encryption, use key management
> on a different layer.
> So here, just setup encryption for fs, do not stack it with dm-crypt.
> 
> Also, dm-crypt is software-independent solution
> (software-based full disk encryption), it must not depend on
> any underlying hardware.
> Hardware can be of course used used for acceleration, but then
> just implement proper crypto API module that accelerates particular
cipher.

I'm sorry for breaking the basic rules of dm-crypt. 
But, if I want to use the H/W crypto accelerator running in storage
controller,
I have to drop plaintext to bio.
I think the "proper crypto API module" that you mentioned is diskcipher
because diskcipher isn't only for FMP.
Diskcipher is a crypto API that supports encryption on storage controllers.

Thanks
Boojin Kim


       reply	other threads:[~2019-08-21  7:54 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CGME20190821075432epcas2p3758bf7b07f209fb4094d79bf46c8f4e9@epcas2p3.samsung.com>
2019-08-21  7:54 ` boojin.kim [this message]
     [not found] <CGME20190823071848epcas2p3fe4d229d22b14162c354f88a29f366c2@epcas2p3.samsung.com>
2019-08-23  7:18 ` [PATCH 6/9] dm crypt: support diskcipher boojin.kim
     [not found] <CGME20190823042038epcas2p2000738f3ca7f5f3d92ea1c32de2bcf99@epcas2p2.samsung.com>
2019-08-23  4:20 ` boojin.kim
2019-08-23  4:27   ` Herbert Xu
     [not found] <CGME20190821075742epcas2p4b9104e8249067c048d4050f2888da0a9@epcas2p4.samsung.com>
2019-08-21  7:57 ` boojin.kim
2019-08-21  8:17   ` Herbert Xu
     [not found] <CGME20190821064230epcas2p1ad7301f2b1331bcab3126e6e37c0e272@epcas2p1.samsung.com>
2019-08-21  6:42 ` boojin.kim

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='001a01d557f5$ab0a4a40$011edec0$@samsung.com' \
    --to=boojin.kim@samsung.com \
    --cc=adilger.kernel@dilger.ca \
    --cc=agk@redhat.com \
    --cc=axboe@kernel.dk \
    --cc=chao@kernel.org \
    --cc=davem@davemloft.net \
    --cc=dm-devel@redhat.com \
    --cc=ebiggers@kernel.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=jaegeuk@kernel.org \
    --cc=jh80.chung@samsung.com \
    --cc=kgene@kernel.org \
    --cc=krzk@kernel.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-block@vger.kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-f2fs-devel@lists.sourceforge.net \
    --cc=linux-fscrypt@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mmc@vger.kernel.org \
    --cc=linux-samsung-soc@vger.kernel.org \
    --cc=snitzer@redhat.com \
    --cc=tytso@mit.edu \
    --cc=ulf.hansson@linaro.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).